class UsersController < ApplicationController
  
  skip_before_filter :login_required, :only => [ :new, :create ]
  skip_before_filter :project_required, :only => [ :new, :create ]
  skip_before_filter :check_rights, :only => [ :new, :create ]

  def new
  end
  
  def index
    redirect_to :controller => 'users', :action => 'show'
  end
  
  def show
    
  end

  def create
    cookies.delete :auth_token
    # protects against session fixation attacks, wreaks havoc with 
    # request forgery protection.
    # uncomment at your own risk
    # reset_session
    @user = User.new(params[:user])
    pm = @user.project_members.build
    pm.project = Project.find_by_title('system')
    pm.role = Role.find_by_name('user')
    @user.save
    if @user.errors.empty?
      self.current_user = @user
      self.current_project = Project.find(:first)
      redirect_back_or_default('/')
      flash[:notice] = "Thanks for signing up!"
    else
      render :action => 'new'
    end
  end

end
